forked from Github-Mirrors/canaille
adds tests for ENABLE_PASSWORD_COMPROMISSION_CHECK config
This commit is contained in:
sebastien
parent
ec43d9157f
commit
d6dfd439f3
4 changed files with 17 additions and 0 deletions
|
|
@ -112,6 +112,8 @@ def compromised_password_validator(form, field):
|
||||||
"This password appears on public compromission databases and is not secure."
|
"This password appears on public compromission databases and is not secure."
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
def email_validator(form, field):
|
def email_validator(form, field):
|
||||||
|
|
|
||||||
|
|
@ -339,6 +339,8 @@ def test_maximum_password_length_config(testclient):
|
||||||
|
|
||||||
@mock.patch("requests.api.get")
|
@mock.patch("requests.api.get")
|
||||||
def test_compromised_password_validator(api_get, testclient):
|
def test_compromised_password_validator(api_get, testclient):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
|
|
||||||
class Response:
|
class Response:
|
||||||
content = b"1E4C9B93F3F0682250B6CF8331B7EE68FD8:3\r\nCAA6D483CC3887DCE9D1B8EB91408F1EA7A:3\r\nAD6438836DBE526AA231ABDE2D0EEF74D42:3\r\n8289894DDB6317178960AB5AE98B81BBF97:1\r\n5FF0B6F9EAC40D5CA7B4DAA7B64F0E6F4AA:2\r\n"
|
content = b"1E4C9B93F3F0682250B6CF8331B7EE68FD8:3\r\nCAA6D483CC3887DCE9D1B8EB91408F1EA7A:3\r\nAD6438836DBE526AA231ABDE2D0EEF74D42:3\r\n8289894DDB6317178960AB5AE98B81BBF97:1\r\n5FF0B6F9EAC40D5CA7B4DAA7B64F0E6F4AA:2\r\n"
|
||||||
|
|
||||||
|
|
@ -362,11 +364,15 @@ def test_compromised_password_validator(api_get, testclient):
|
||||||
with pytest.raises(wtforms.ValidationError):
|
with pytest.raises(wtforms.ValidationError):
|
||||||
compromised_password_validator(None, Field("azertyuiop123"))
|
compromised_password_validator(None, Field("azertyuiop123"))
|
||||||
|
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = False
|
||||||
|
assert compromised_password_validator(None, Field("password")) is None
|
||||||
|
|
||||||
|
|
||||||
@mock.patch("requests.api.get")
|
@mock.patch("requests.api.get")
|
||||||
def test_compromised_password_validator_with_failure_of_api_request_and_no_SMTP_in_config(
|
def test_compromised_password_validator_with_failure_of_api_request_and_no_SMTP_in_config(
|
||||||
api_get, testclient, logged_user
|
api_get, testclient, logged_user
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
current_app.config["CANAILLE"]["SMTP"] = None
|
current_app.config["CANAILLE"]["SMTP"] = None
|
||||||
|
|
||||||
|
|
@ -388,6 +394,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_no_SMTP_
|
||||||
def test_compromised_password_validator_with_failure_of_api_request_and_only_with_htmx(
|
def test_compromised_password_validator_with_failure_of_api_request_and_only_with_htmx(
|
||||||
api_get, testclient, logged_user
|
api_get, testclient, logged_user
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
|
|
||||||
res = testclient.get("/profile/user/settings")
|
res = testclient.get("/profile/user/settings")
|
||||||
|
|
|
||||||
|
|
@ -157,6 +157,7 @@ def test_profile_settings_too_long_password(testclient, logged_user):
|
||||||
|
|
||||||
|
|
||||||
def test_profile_settings_compromised_password(testclient, logged_user):
|
def test_profile_settings_compromised_password(testclient, logged_user):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
"""Tests if password is compromised."""
|
"""Tests if password is compromised."""
|
||||||
|
|
||||||
def with_different_values(password, message):
|
def with_different_values(password, message):
|
||||||
|
|
@ -190,6 +191,7 @@ def test_profile_settings_compromised_password(testclient, logged_user):
|
||||||
def test_profile_settings_compromised_password_request_api_failed_but_password_updated(
|
def test_profile_settings_compromised_password_request_api_failed_but_password_updated(
|
||||||
api_get, testclient, logged_user, backend
|
api_get, testclient, logged_user, backend
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
|
|
||||||
current_app.config["CANAILLE"]["ACL"]["ADMIN"]["FILTER"] = {"groups": "admins"}
|
current_app.config["CANAILLE"]["ACL"]["ADMIN"]["FILTER"] = {"groups": "admins"}
|
||||||
|
|
@ -217,6 +219,7 @@ def test_profile_settings_compromised_password_request_api_failed_but_password_u
|
||||||
def test_compromised_password_validator_with_failure_of_api_request_and_success_mail_to_admin_from_settings_form(
|
def test_compromised_password_validator_with_failure_of_api_request_and_success_mail_to_admin_from_settings_form(
|
||||||
api_get, testclient, backend, admins_group, user, logged_user
|
api_get, testclient, backend, admins_group, user, logged_user
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
|
|
||||||
res = testclient.get("/profile/user/settings", status=200)
|
res = testclient.get("/profile/user/settings", status=200)
|
||||||
|
|
@ -242,6 +245,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_success_
|
||||||
def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_send_mail_to_admin_from_settings_form(
|
def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_send_mail_to_admin_from_settings_form(
|
||||||
api_get, testclient, backend, admins_group, user, logged_user
|
api_get, testclient, backend, admins_group, user, logged_user
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
current_app.config["CANAILLE"]["SMTP"]["TLS"] = False
|
current_app.config["CANAILLE"]["SMTP"]["TLS"] = False
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -155,6 +155,7 @@ def test_registration_mail_error(SMTP, testclient, backend, smtpd, foo_group):
|
||||||
|
|
||||||
def test_registration_with_compromised_password(testclient, backend):
|
def test_registration_with_compromised_password(testclient, backend):
|
||||||
"""Tests a nominal registration with compromised password."""
|
"""Tests a nominal registration with compromised password."""
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
||||||
testclient.app.config["CANAILLE"]["EMAIL_CONFIRMATION"] = False
|
testclient.app.config["CANAILLE"]["EMAIL_CONFIRMATION"] = False
|
||||||
|
|
||||||
|
|
@ -178,6 +179,7 @@ def test_registration_with_compromised_password(testclient, backend):
|
||||||
def test_registration_with_compromised_password_request_api_failed_but_account_created(
|
def test_registration_with_compromised_password_request_api_failed_but_account_created(
|
||||||
api_get, testclient, backend
|
api_get, testclient, backend
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
||||||
testclient.app.config["CANAILLE"]["EMAIL_CONFIRMATION"] = False
|
testclient.app.config["CANAILLE"]["EMAIL_CONFIRMATION"] = False
|
||||||
|
|
@ -208,6 +210,7 @@ def test_registration_with_compromised_password_request_api_failed_but_account_c
|
||||||
def test_compromised_password_validator_with_failure_of_api_request_and_success_mail_to_admin_from_register_form(
|
def test_compromised_password_validator_with_failure_of_api_request_and_success_mail_to_admin_from_register_form(
|
||||||
api_get, testclient, backend, admins_group
|
api_get, testclient, backend, admins_group
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
||||||
testclient.app.config["CANAILLE"]["EMAIL_CONFIRMATION"] = False
|
testclient.app.config["CANAILLE"]["EMAIL_CONFIRMATION"] = False
|
||||||
|
|
@ -242,6 +245,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_success_
|
||||||
def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_send_mail_to_admin_from_register_form(
|
def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_send_mail_to_admin_from_register_form(
|
||||||
api_get, testclient, backend, admins_group
|
api_get, testclient, backend, admins_group
|
||||||
):
|
):
|
||||||
|
current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
|
||||||
api_get.side_effect = mock.Mock(side_effect=Exception())
|
api_get.side_effect = mock.Mock(side_effect=Exception())
|
||||||
current_app.config["CANAILLE"]["SMTP"]["TLS"] = False
|
current_app.config["CANAILLE"]["SMTP"]["TLS"] = False
|
||||||
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
testclient.app.config["CANAILLE"]["ENABLE_REGISTRATION"] = True
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue